[Pdns-users] Sending up public dnssec key to registry thru EPP

Thu, 30 Nov 2017 07:24:19 -0800 

Hi all!

On a zone I get the following result from pdnsutil show-zone
ID = 3 (CSK), flags = 257, tag = 27425, algo = 13, bits = 256 Active ( ECDSAP256SHA256 ) CSK DNSKEY = domain.se. IN DNSKEY 257 3 13 6TPW2LtkyHxnp6seozCgy30K1de6VyjdhRj9bojnM2lnEx7mp27A0nGs/tEoIOL4zD/I34gppG0+8WCvZbUmlA== ; ( ECDSAP256SHA256 ) DS = egenblog.se. IN DS 27425 13 1 7d75ae2189369bc118e725001bfa86ff7af66206 ; ( SHA1 digest ) DS = egenblog.se. IN DS 27425 13 2 ad9db84fc7ac21653489c5497c9eb46e56b362e4f52e9b7e9819eed290f06b94 ; ( SHA256 digest ) DS = egenblog.se. IN DS 27425 13 3 472a9c2dc388036c326d0258030902c9ea80842d4cedb86baa58d58bb94f87ef ; ( GOST R 34.11-94 digest ) DS = egenblog.se. IN DS 27425 13 4 b8b8c05fa5545fa8f2d22e319d97fc9b9e6ec124f36387ee0d42f910d777caa6e315d4cba2b16bc0b535e1a555d1482f ; ( SHA-384 digest )
Now I'm sending the following command to the IIS Epp server choosing the SHA256 digest : 


<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"> 
  <command>
    <update>
<domain:update xmlns:domain="urn:ietf:params:xml:ns:domain-1.0" xsi:schemaLocation="urn:ietf:params:xml:ns:domain-1.0 domain-1.0.xsd"> 
        <domain:name>domain.se</domain:name>
      </domain:update>
    </update>
    <extension>
<secDNS:update xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.0" xsi:schemaLocation="urn:ietf:params:xml:ns:secDNS-1.0 secDNS-1.0.xsd"> 
        <secDNS:add>
          <secDNS:keyTag>27425</secDNS:keyTag>
          <secDNS:alg>13</secDNS:alg>
          <secDNS:digestType>2</secDNS:digestType>

<secDNS:digest>ad9db84fc7ac21653489c5497c9eb46e56b362e4f52e9b7e9819eed290f06b94</secDNS:digest>
        </secDNS:add>
      </secDNS:update>
    </extension>
    <clTRID>HJGS-20171130T145642Z-8176</clTRID>
  </command>
</epp>
But this has no effect, the domain is still unsigned, am I sending up the wrong public key? 



Kind regards,
Daniel

_______________________________________________
Pdns-users mailing list
[email protected]
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Reply via email to